diff options
| author |   Fiete Ostkamp <Fiete.Ostkamp@telekom.de> | 2024-11-11 14:58:58 +0100 |
|---|---|---|
| committer | Fiete Ostkamp <fiete.ostkamp@telekom.de> | 2024-11-12 06:54:01 +0000 |
| commit | ccf10e681044664888d7e0e0b50623bdbe92de5a (patch) | |
| tree | f6362d0e0695fb76d86493a721bdfff5d2b09608 | |
| parent | 616e19c4fe775efd611500c23856af69287c0a15 (diff) | |
Update vulnerable dependencies in schema-service
- update freemarker (2.3.21 -> 2.3.33)
- update snakeyaml (1.29 -> 2.3)
- remove duplicate declarations of dependencies in pom
- remove aai-aaf-auth dependency
Issue-ID: AAI-4052
Change-Id: Ice8a520f024c024ae7118378176df6fe1242f1bb
Signed-off-by: Fiete Ostkamp <Fiete.Ostkamp@telekom.de>
| -rw-r--r-- | aai-annotations/pom.xml.versionsBackup | 78 | ||||
| -rw-r--r-- | aai-queries/pom.xml | 6 | ||||
| -rw-r--r-- | aai-queries/src/main/java/org/onap/aai/queries/GremlinServerSingleton.java | 22 | ||||
| -rw-r--r-- | aai-schema-gen/pom.xml | 4 | ||||
| -rw-r--r-- | aai-schema-gen/src/test/resources/dbedgerules/EdgeDescriptionRules_test.json | 39 | ||||
| -rw-r--r-- | aai-schema-service/pom.xml | 34 | ||||
| -rw-r--r-- | aai-schema-service/src/main/java/org/onap/aai/schemaservice/config/AuthorizationConfiguration.java | 40 | ||||
| -rw-r--r-- | aai-schema/pom.xml | 13 |
8 files changed, 62 insertions, 174 deletions
diff --git a/aai-annotations/pom.xml.versionsBackup b/aai-annotations/pom.xml.versionsBackup deleted file mode 100644 index 1e03e0e..0000000 --- a/aai-annotations/pom.xml.versionsBackup +++ /dev/null @@ -1,78 +0,0 @@ -<?xml version="1.0"?> -<!-- - - ============LICENSE_START======================================================= - org.onap.aai - ================================================================================ - Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved. - ================================================================================ - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - ============LICENSE_END========================================================= - ---> -<project - xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" - xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> - <modelVersion>4.0.0</modelVersion> - <parent> - <groupId>org.onap.aai.aai-common</groupId> - <artifactId>aai-common</artifactId> - <version>1.3.1-SNAPSHOT</version> - </parent> - <artifactId>aai-annotations</artifactId> - <name>aai-annotations</name> - <packaging>jar</packaging> - <version>1.3.1-SNAPSHOT</version> - <properties> - <onap.nexus.url>https://nexus.onap.org</onap.nexus.url> - </properties> - <dependencies> - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - <version>3.8.1</version> - <scope>test</scope> - </dependency> - </dependencies> - - <build> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-source-plugin</artifactId> - </plugin> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-deploy-plugin</artifactId> - </plugin> - <plugin> - <groupId>org.sonatype.plugins</groupId> - <artifactId>nexus-staging-maven-plugin</artifactId> - </plugin> - </plugins> - </build> - - <!-- Plugins and repositories --> - <pluginRepositories> - <pluginRepository> - <id>central</id> - <url>http://repo1.maven.org/maven2</url> - </pluginRepository> - <pluginRepository> - <id>EvoSuite</id> - <name>EvoSuite Repository</name> - <url>http://www.evosuite.org/m2</url> - </pluginRepository> - </pluginRepositories> - -</project> diff --git a/aai-queries/pom.xml b/aai-queries/pom.xml index 82381eb..32906e9 100644 --- a/aai-queries/pom.xml +++ b/aai-queries/pom.xml @@ -104,6 +104,12 @@ <groupId>org.onap.aai.aai-common</groupId> <artifactId>aai-core</artifactId> <scope>compile</scope> + <exclusions> + <exclusion> + <groupId>org.onap.aai.aai-common</groupId> + <artifactId>aai-aaf-auth</artifactId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>org.hamcrest</groupId> diff --git a/aai-queries/src/main/java/org/onap/aai/queries/GremlinServerSingleton.java b/aai-queries/src/main/java/org/onap/aai/queries/GremlinServerSingleton.java index 2387f04..57cdf4d 100644 --- a/aai-queries/src/main/java/org/onap/aai/queries/GremlinServerSingleton.java +++ b/aai-queries/src/main/java/org/onap/aai/queries/GremlinServerSingleton.java @@ -31,7 +31,6 @@ import java.util.TimerTask; import javax.annotation.PostConstruct; -import org.onap.aai.aaf.auth.FileWatcher; import org.onap.aai.logging.LogFormatTools; import org.onap.aai.util.AAIConstants; import org.slf4j.Logger; @@ -74,27 +73,6 @@ public class GremlinServerSingleton { + LogFormatTools.getStackTop(e)); } - TimerTask task = new FileWatcher(new File(storedQueriesLocation)) { - @Override - protected void onChange(File file) { - try { - String filepath = storedQueriesLocation; - Path path = Paths.get(filepath); - String customQueryConfigJson = new String(Files.readAllBytes(path)); - queryConfig = new GetCustomQueryConfig(customQueryConfigJson); - } catch (IOException e) { - logger.error("Error occurred during the processing of query json file: " - + LogFormatTools.getStackTop(e)); - } - } - }; - - if (!timerSet) { - timerSet = true; - timer = new Timer(); - timer.schedule(task, new Date(), 10000); - } - } /** diff --git a/aai-schema-gen/pom.xml b/aai-schema-gen/pom.xml index 3fc0b86..ceb0a86 100644 --- a/aai-schema-gen/pom.xml +++ b/aai-schema-gen/pom.xml @@ -654,7 +654,7 @@ <dependency> <groupId>org.yaml</groupId> <artifactId>snakeyaml</artifactId> - <version>1.29</version> + <version>2.3</version> <scope>compile</scope> </dependency> <dependency> @@ -688,7 +688,7 @@ <dependency> <groupId>org.freemarker</groupId> <artifactId>freemarker</artifactId> - <version>2.3.21</version> + <version>2.3.33</version> </dependency> <dependency> <groupId>com.fasterxml.jackson.dataformat</groupId> diff --git a/aai-schema-gen/src/test/resources/dbedgerules/EdgeDescriptionRules_test.json b/aai-schema-gen/src/test/resources/dbedgerules/EdgeDescriptionRules_test.json new file mode 100644 index 0000000..c69b741 --- /dev/null +++ b/aai-schema-gen/src/test/resources/dbedgerules/EdgeDescriptionRules_test.json @@ -0,0 +1,39 @@ +{ + "rules": [ + { + "from": "service-subscription", + "to": "customer", + "label": "org.onap.relationships.inventory.BelongsTo", + "direction": "OUT", + "multiplicity": "MANY2ONE", + "contains-other-v": "!${direction}", + "delete-other-v": "!${direction}", + "prevent-delete": "NONE", + "default": "true", + "description":"" + }, + { + "from": "service-instance", + "to": "service-subscription", + "label": "org.onap.relationships.inventory.BelongsTo", + "direction": "OUT", + "multiplicity": "MANY2ONE", + "contains-other-v": "!${direction}", + "delete-other-v": "!${direction}", + "prevent-delete": "NONE", + "default": "true", + "description":"" + }, + { + "from": "service-subscription", + "to": "tenant", + "label": "org.onap.relationships.inventory.Uses", + "direction": "OUT", + "multiplicity": "MANY2MANY", + "contains-other-v": "NONE", + "delete-other-v": "NONE", + "prevent-delete": "NONE", + "default": "true", + "description":"" + } ] +} diff --git a/aai-schema-service/pom.xml b/aai-schema-service/pom.xml index d0d6627..a5ef621 100644 --- a/aai-schema-service/pom.xml +++ b/aai-schema-service/pom.xml @@ -340,11 +340,6 @@ <artifactId>jackson-jaxrs-json-provider</artifactId> </dependency> <dependency> - <groupId>org.mockito</groupId> - <artifactId>mockito-all</artifactId> - <scope>test</scope> - </dependency> - <dependency> <groupId>javax.xml.bind</groupId> <artifactId>jaxb-api</artifactId> <version>2.3.0</version> @@ -384,9 +379,17 @@ <groupId>org.onap.aai.aai-common</groupId> <artifactId>aai-schema-ingest</artifactId> </exclusion> + <exclusion> + <groupId>org.onap.aai.aai-common</groupId> + <artifactId>aai-aaf-auth</artifactId> + </exclusion> </exclusions> </dependency> <dependency> + <groupId>org.onap.aai.aai-common</groupId> + <artifactId>aai-els-onap-logging</artifactId> + </dependency> + <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-test</artifactId> <scope>test</scope> @@ -509,10 +512,6 @@ </pluginManagement> <plugins> <plugin> - <groupId>org.springframework.boot</groupId> - <artifactId>spring-boot-maven-plugin</artifactId> - </plugin> - <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-clean-plugin</artifactId> <version>3.2.0</version> @@ -693,7 +692,6 @@ <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-deploy-plugin</artifactId> </plugin> - <plugin> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-maven-plugin</artifactId> @@ -710,22 +708,6 @@ </execution> </executions> </plugin> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-clean-plugin</artifactId> - <version>3.2.0</version> - <configuration> - <filesets> - <fileset> - <directory>${project.basedir}/src/main/resources/schema</directory> - <includes> - <include>**/*</include> - </includes> - <followSymlinks>false</followSymlinks> - </fileset> - </filesets> - </configuration> - </plugin> </plugins> </build> <reporting> diff --git a/aai-schema-service/src/main/java/org/onap/aai/schemaservice/config/AuthorizationConfiguration.java b/aai-schema-service/src/main/java/org/onap/aai/schemaservice/config/AuthorizationConfiguration.java deleted file mode 100644 index 971fb2b..0000000 --- a/aai-schema-service/src/main/java/org/onap/aai/schemaservice/config/AuthorizationConfiguration.java +++ /dev/null @@ -1,40 +0,0 @@ -/** - * ============LICENSE_START======================================================= - * org.onap.aai - * ================================================================================ - * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.aai.schemaservice.config; - -import org.onap.aai.aaf.auth.AAIAuthCore; -import org.springframework.beans.factory.annotation.Value; -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; - -@Profile("two-way-ssl") -@Configuration -public class AuthorizationConfiguration { - - @Value("${schema.uri.base.path}") - private String basePath; - - @Bean - public AAIAuthCore aaiAuthCore() { - return new AAIAuthCore(basePath); - } -} diff --git a/aai-schema/pom.xml b/aai-schema/pom.xml index edc2d2f..a078d38 100644 --- a/aai-schema/pom.xml +++ b/aai-schema/pom.xml @@ -59,12 +59,12 @@ <groupId>org.jvnet.jaxb2_commons</groupId> <artifactId>jaxb2-basics</artifactId> <version>0.11.1</version> - <exclusions> - <exclusion> - <groupId>commons-beanutils</groupId> - <artifactId>commons-beanutils</artifactId> - </exclusion> - </exclusions> + <exclusions> + <exclusion> + <groupId>commons-beanutils</groupId> + <artifactId>commons-beanutils</artifactId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>com.googlecode.json-simple</groupId> @@ -145,6 +145,7 @@ <plugin> <groupId>org.sonatype.plugins</groupId> <artifactId>nexus-staging-maven-plugin</artifactId> + <version>1.6.13</version> </plugin> </plugins> <resources> |